[LARTC] 2 Questions on filtering incoming stuff

[Ed Wildgoose]

>>> First is: Can I prioritise my "drops" on incoming traffic when the 
>>> link is overloaded.  ie instead of just tail dropping, can I 
>>> "prefer" to drop certain classes of traffic?  If so, do I do this by 
>>> setting up, say, a HTB tree like on the incoming, but the only 
>>> action at the leaf is to drop?
>>
>>
>> You can't set up a HTB or any classful qdiscs on incoming traffic, 
>> you can only create ingress policer filters.  You can setup different 
>> filters with different priorities, to try and drop one particular 
>> type of traffic moreso than others.
>
>
> Thanks, this is helpful.
> Thinking about it though, the different filters priorities isn't going 
> to help too much?  eg if I want to accept ACK's, then incoming SMTP, 
> then other bulk downloads, then of course I can setup prioritised 
> "bands" by limiting some stuff more than others.  But I don't think 
> that a simple priority system will let me accept up to full bandwidth 
> of each, but dropping in a preferential order?  (Or do you think 
> simply matching each with a 200Kb/s filter in priority order from 
> highest to lowest will do the trick?)


Aha, just seen that you can setup HTB filters on incoming if you use the 
IMQ filter.  This looks like it will do the trick.  (See ADSL Bandwidth 
HOWTO for details)

Will play with that first. 

I still think it might be an interesting project for someone to use the 
IMQ filter to record incoming bandwidth, and then delay outgoing 
ACK's...  Presumably one would need to have a queue of incoming packets 
and sizes available from the incoming interface, then watch ack's coming 
back and take them out of the queue (just like a real TCP stack).  
However, you then rate limit the speed at which they are removed.  Of 
course it gets more complicated with respect to non selective ACK's and 
retransmits from the source side...  It would reduce the amount of 
bandwidth due to retransmits anyway...

Thanks all